chore(deps): update maven plugins and plugin dependency updates

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
org.owasp:dependency-check-maven (source)	12.1.8 -> 12.1.9
org.sonarsource.scanner.maven:sonar-maven-plugin (source)	5.2.0.4988 -> 5.3.0.6276
org.apache.maven.plugins:maven-release-plugin (source)	3.1.1 -> 3.2.0
org.apache.maven.plugins:maven-jar-plugin (source)	3.4.2 -> 3.5.0

---

Release Notes

dependency-check/DependencyCheck (org.owasp:dependency-check-maven)

v12.1.9

Compare Source

• fix: correct bundle audit gem in Dockerfile (#​8121)
• fix: normalization during comparisons (#​8046)
• docs: document multiple configurations for gradle (#​8111)
• docs: fix typos in some files (#​8106)
• docs: Update SBT plugin link; fix dead report link (#​8086)
• chore: Replace deprecated lucene methods (#​8079)
• docs: fix #​8076 - Error in documentation "Suppressing False Positives" (#​8077)
• fix(fp): Improve false positive suppression for matches against golang web_project (#​8059)
• fix(fp): Consolidate/update icu4j suppressions for false positives (#​8062)
• fix(fp): Correct GRPC java suppressions for newer C/C++/native false positives (#​8063)
• fix(fp): Suppress false positive CPEs for protobuf-java per #​7854 (#​8064)

See the full listing of changes

SonarSource/sonar-scanner-maven (org.sonarsource.scanner.maven:sonar-maven-plugin)

v5.3.0.6276

Compare Source

Release notes - Sonar Scanner for Maven - 5.3

Bug

SCANMAVEN-283 Mvn 4.0.0-rc-3 breaks scanner because change of API

SCANMAVEN-308 Toolchains are not properly discovered by the scanner with Maven 4

Task

SCANMAVEN-297 Update README.md with copy from Product Marketing

SCANMAVEN-301 PrepareNextIteration.yml: add recent improvements

SCANMAVEN-302 Update GH release and releasability actions

SCANMAVEN-303 Delete mend_scan_task

SCANMAVEN-305 Migrate Cirrus build to Github actions

SCANMAVEN-307 Migrate QA from Cirrus to Github action

SCANMAVEN-309 Prevent injection in PrepareNextIteration GHA

SCANMAVEN-310 Exclude test projects from SCA

SCANMAVEN-311 Upgrade dependencies

SCANMAVEN-314 Fix ProxyTest on GitHub actions

SCANMAVEN-315 Rework QA: split invoker-based ITs and Orchestrator-based e2e

SCANMAVEN-325 Update license header from SonarSource SA to SonarSource Sàrl

SCANMAVEN-326 Delete Cirrus CI config

SCANMAVEN-327 Use explicit build number

---

Configuration

📅 Schedule: Branch creation - Only on Monday ( * * * * 1 ) (UTC), Automerge - Only on Sunday ( * * * * 0 ) (UTC).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.